DETECTION OVERVIEW

External Dharma Ransomware File Transfer

Risk Factors

Dharma is a popular ransomware family. Deploying Dharma requires skill that depends on the source and destination. The impact of ransomware on a business can be devastating, especially if sensitive or business-critical data is lost through encryption, or costly if a high ransom is paid.

The system might change the risk score for this detection.

Kill Chain

Command-and-Control

Risk Score

Attack Background

Dharma encrypts files and demands payment for the decryption key, similar to other ransomware families. Attackers often transfer malware from an external system into a compromised environment through a command-and-control channel or common protocol.

Mitigation Options

Monitor and investigate unusual activity to minimize potential damage

Configure host-based security tools to quarantine the host or otherwise prevent the file from executing

Filter ingress traffic at the network perimeter

MITRE ATT&CK ID

T1105

Professional Services

Partners

Partner Login

Partner Finder

View All Use Cases

View All Industries

View All Integrations

Attack Background

Mitigation Options

MITRE ATT&CK ID

What else can RevealX do for you?

View our Periodic Table of use cases